Thursday, March 29, 2018

IC3 Issues Alert on Tech Support Fraud

The Internet Crime Complaint Center (IC3) has released an alert on tech support fraud. Tech support fraud involves criminals claiming to provide technical support to fix problems that don't exist. Their methods include placing calls, sending pop-ups, engaging misleading lock screens, and sending emails to entice users to accept fraudulent tech support services. Users should not give control of their computers or mobile devices to any stranger offering to fix problems.

Omitting the “o” in .com Could Be CostlyTake care when typing a domain name into a browser address bar, because it’s far too easy to fat-finger a key and wind up somewhere you don’t want to go. For example, if you try to visit some of the most popular destinations on the Web but omit the “o” in .com (and type .cm instead), there’s a good chance your browser will be bombarded with malware alerts and other misleading messages — potentially even causing your computer to lock up completely. As it happens, many of these domains appear tied to a marketing company whose CEO is a convicted felon and once self-proclaimed “Spam King.”

Matthew Chambers is a senior security adviser at SecureWorks, an Atlanta-based firm that helps companies defend against and respond to cyberattacks. Earlier this month Chambers penned a post on his personal blog detailing what he found after several users he looks after accidentally mistyped different domains — such as espn[dot]cm. ...

Dear User,This message is to inform you that your access to the library will soonexpire. You will have to login to your account to continue to have accessto this service.You can reactivate it by logging in through the following URL. A successfullogin will activate your account and you will be redirected to your page.

hxxp://login.umn.xxxx.ga/idp/profile/SAML2/Redirect

If you are not able to login, please contact Sarah Miller at xxxx@umn.edu (fake email) for immediate assistance.Sincerely,Sarah Miller (not a library staff member)University of Minnesota Libraries499 Wilson Library309 19th Avenue South

Tuesday, March 20, 2018

Fraudulent pages attempt to lure incoming students into fake University Facebook Groups.

STATEMENT FROM THE UNIVERSITY OF MINNESOTA

Each year as students confirm their enrollment to the University of Minnesota, they receive an official Welcome email that lists next steps—such as reminders to apply for financial aid and housing—and other options to consider before their New Student Orientation in the summer.

Included in that email is information about a closed Facebook group created by the University of Minnesota that is just for students in the incoming class. The University works to verify that only confirmed freshmen are accepted to the group so that these students can connect with others in their cohort without the distraction of marketing efforts or misrepresentation.

Students should be aware that an official University of Minnesota Facebook page or group would never:• endorse or promote the purchase of commercial products or services that are unaffiliated with the University of Minnesota;• ask for personal or student data, such as a student ID, social security number or other personal identification data;• solicit payment or purchasing information for any reason through these channels.

As for outside entities, actions are limited when a page clearly identifies itself as unofficial, independently run and unaffiliated with the University. In some circumstances, Off-Campus Living - a unit of the Office for Student Affairs - will join unofficial groups to monitor for and respond to questions within the unit's area of focus. If an applicant has questions about a particular page or group, they are encouraged to contact Orientation & Transition Experiences.